Below are some useful debugs to collect while working with TAC for CWA issue.
Description: these debugs are mainly for a scenario in which the end device is stuck in a redirect loop. Clients connect to CWA ssid and gets the AUP page with accept button. clicks on accept button and gets the AUP page again.
Here are the debugs/traces/show commands we plan to use on 5760, ISE and client side.
set trace group-wireless-secure filter mac xxxx.xxxx.xxxx
set trace aaa wireless events level debug
set trace aaa wireless events filter mac xxxx.xxxx.xxxx
set trace group-wireless-secure level debug
debug client mac-address
debug aaa wireless all
debug ip http transactions
debug ip http url
debug ip socket error
debug authentication all
debug authentication feature spi al
debug epm all
debug epm plugin acl all
debug epm plugin redirect all
debug epm plugin redirect detail
“log to buffer" “save to ftp" “confirm debug level"
logging buffered 16000000
no logging rate-limit
show wireless client mac-address detail
show authentication session mac detail
show platform acl le | be
Wireshark if possible on laptop during failure and working.
Client mac address, model, ios and browser type on all clients being tested/reported.
Verify it works when opening new tab or new browser and if original browser fails does it work if you go back to original browser.
Hi guys,As part of POC , I started working to setup wireless Hotspot for guest on WLC 5520 code 220.127.116.11 integrated with our DEV ISE2.6 for webpage redirection and authentication & authorization. I followed all the cisco recommended steps and s...
Hello Experts, We have a requirement to enable 2FA for device administration on AireOS WLCs with passcodes using the ISE & SAFENET. When I test the passcode option with Cisco switches it works fine (after success TACACS authentication,...
Greetings,I have a configuration issue with an Aironet 1262N running in Autonomous mode. It is connected to a dot1q trunk port on a 3750G (POE version). I have attempted to configure a suite of SSIDs but only one SSID seems to be available - "t...
Hello, I have doubts about my configuration on my Wlc2504.I have only 2 interfaces: 1- interface management: vlan identifier untagged (0) 192.168.100.102- interface clients: vlan identifier 2 192.168.200.10 and 2 ssid: management : associat...